About Me

LLMs are being enhanced with the ability to use tools and to process multiple modalities (and formulate agents). These new capabilities bring new benefits and also new security risks. In this thrust of work, we show a novel threat model where an attacker can use automatically generated adversarial examples to cause attacker-desired tool usage. For example, the attacker could cause a victim LLM to delete calendar events, leak private conversations and book hotels.

The recent advancement in Cyber Physical Systems (CPS) and the Artificial Intelligence of Things (AIOT) has brought significant productivity and utility enhancement across all walks of life. However, safety and security concerns and usability challenges have prohibited the wide adoption of AI-powered smart "things" in large-scale real-world systems. My research aims to close this gap by enabling secure and safe interaction with Cyber-Physical Systems in a user-friendly manner. Smart commercial b ...

In our work, we deviate from the status quo and show how users can authenticate themselves using biometrics whilst. We utilize primitives from cryptography -- namely fuzzy extractors -- to ensure that there is no requirement to perform template matching (of a template stored in the clear) on trusted hardware.

In this project, we analyzed the performance of the gVisor memory management subsystem, starting from benchmarking malloc and ending up focusing on MMAP. We further profiled MMAP performance within gVisor and identified its bottlenecks. We proposed an optimization in the free page searching algorithm of virtual memory space within gVisor (from O(N) to O(logN)). This optimization patch has been merged into production.